Upstream information

CVE-2013-1741 at MITRE

Description

Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.5
Vector AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
SUSE Bugzilla entry: 850148 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP2
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-32bit >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-32bit >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Patchnames:
sledsp2-nss-201311
SUSE Linux Enterprise Desktop 11 SP3
  • libfreebl3 >= 3.15.3-0.8.1
  • libfreebl3-32bit >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • libsoftokn3-32bit >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-32bit >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
Patchnames:
sledsp3-nss-201311
SUSE Linux Enterprise Server 11 SP1-LTSS
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-32bit >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-32bit >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Patchnames:
slessp1-nss-201311
SUSE Linux Enterprise Server 11 SP2
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-32bit >= 3.15.3-0.3.1
  • libfreebl3-x86 >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nspr-x86 >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-32bit >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
  • mozilla-nss-x86 >= 3.15.3-0.3.1
Patchnames:
slessp2-nss-201311
SUSE Linux Enterprise Server 11 SP3
  • libfreebl3 >= 3.15.3-0.8.1
  • libfreebl3-32bit >= 3.15.3-0.8.1
  • libfreebl3-x86 >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • libsoftokn3-32bit >= 3.15.3-0.8.1
  • libsoftokn3-x86 >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nspr-x86 >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-32bit >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
  • mozilla-nss-x86 >= 3.15.3-0.8.1
Patchnames:
slessp3-nss-201311
SUSE Linux Enterprise Server 11 SP4
  • libfreebl3 >= 3.17.3-0.8.11
  • libfreebl3-32bit >= 3.17.3-0.8.11
  • libfreebl3-x86 >= 3.17.3-0.8.11
  • libsoftokn3 >= 3.17.3-0.8.11
  • libsoftokn3-32bit >= 3.17.3-0.8.11
  • libsoftokn3-x86 >= 3.17.3-0.8.11
  • mozilla-nss >= 3.17.3-0.8.11
  • mozilla-nss-32bit >= 3.17.3-0.8.11
  • mozilla-nss-tools >= 3.17.3-0.8.11
  • mozilla-nss-x86 >= 3.17.3-0.8.11
Patchnames:
SUSE Linux Enterprise Server 11 SP4 GA libfreebl3
SUSE Linux Enterprise Server for VMWare 11 SP2
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-32bit >= 3.15.3-0.3.1
  • libfreebl3-x86 >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nspr-x86 >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-32bit >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
  • mozilla-nss-x86 >= 3.15.3-0.3.1
Patchnames:
slessp2-nss-201311
SUSE Linux Enterprise Server for VMWare 11 SP3
  • libfreebl3 >= 3.15.3-0.8.1
  • libfreebl3-32bit >= 3.15.3-0.8.1
  • libfreebl3-x86 >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • libsoftokn3-32bit >= 3.15.3-0.8.1
  • libsoftokn3-x86 >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nspr-x86 >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-32bit >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
  • mozilla-nss-x86 >= 3.15.3-0.8.1
Patchnames:
slessp3-nss-201311
SUSE Linux Enterprise Software Development Kit 11 SP2
  • mozilla-nspr-devel >= 4.10.2-0.3.1
  • mozilla-nss-devel >= 3.15.3-0.3.1
Patchnames:
sdksp2-nss-201311
SUSE Linux Enterprise Software Development Kit 11 SP3
  • mozilla-nspr-devel >= 4.10.2-0.3.1
  • mozilla-nss-devel >= 3.15.3-0.8.1
Patchnames:
sdksp3-nss-201311
SUSE Linux Enterprise Software Development Kit 11 SP4
  • mozilla-nss-devel >= 3.17.3-0.8.11
Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA mozilla-nss-devel
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • mozilla-nspr >= 4.10.2-0.5.1
  • mozilla-nspr-devel >= 4.10.2-0.5.1
  • mozilla-nss >= 3.15.3-0.5.1
  • mozilla-nss-devel >= 3.15.3-0.5.1
  • mozilla-nss-tools >= 3.15.3-0.5.1
Builds
ZYPP Patch Nr: 8758
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • mozilla-nspr >= 4.10.2-0.5.1
  • mozilla-nspr-32bit >= 4.10.2-0.5.1
  • mozilla-nspr-devel >= 4.10.2-0.5.1
  • mozilla-nss >= 3.15.3-0.5.1
  • mozilla-nss-32bit >= 3.15.3-0.5.1
  • mozilla-nss-devel >= 3.15.3-0.5.1
  • mozilla-nss-tools >= 3.15.3-0.5.1
Builds
ZYPP Patch Nr: 8758
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • mozilla-nspr >= 4.10.2-0.5.1
  • mozilla-nspr-devel >= 4.10.2-0.5.1
  • mozilla-nss >= 3.15.3-0.5.1
  • mozilla-nss-devel >= 3.15.3-0.5.1
  • mozilla-nss-tools >= 3.15.3-0.5.1
Builds
ZYPP Patch Nr: 8757
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • mozilla-nspr >= 4.10.2-0.5.1
  • mozilla-nspr-32bit >= 4.10.2-0.5.1
  • mozilla-nspr-devel >= 4.10.2-0.5.1
  • mozilla-nss >= 3.15.3-0.5.1
  • mozilla-nss-32bit >= 3.15.3-0.5.1
  • mozilla-nss-devel >= 3.15.3-0.5.1
  • mozilla-nss-tools >= 3.15.3-0.5.1
Builds
ZYPP Patch Nr: 8757
SUSE Linux Enterprise Software Development Kit 11 SP2
  • mozilla-nspr-devel >= 4.10.2-0.3.1
  • mozilla-nss-devel >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libfreebl3 >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2 for VMware
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-32bit >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-32bit >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SUSE Linux Enterprise Server 11 SP2
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-x86 >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-x86 >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
  • mozilla-nss-x86 >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8572
SUSE Linux Enterprise Software Development Kit 11 SP3
  • mozilla-nspr-devel >= 4.10.2-0.3.1
  • mozilla-nss-devel >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libfreebl3 >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • libfreebl3 >= 3.15.3-0.8.1
  • libfreebl3-32bit >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • libsoftokn3-32bit >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-32bit >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SUSE Linux Enterprise Server 11 SP3
  • libfreebl3 >= 3.15.3-0.8.1
  • libfreebl3-x86 >= 3.15.3-0.8.1
  • libsoftokn3 >= 3.15.3-0.8.1
  • libsoftokn3-x86 >= 3.15.3-0.8.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-x86 >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.8.1
  • mozilla-nss-tools >= 3.15.3-0.8.1
  • mozilla-nss-x86 >= 3.15.3-0.8.1
Builds
SAT Patch Nr: 8573
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libfreebl3 >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8574
SUSE Linux Enterprise Server 11 SP1 LTSS
  • libfreebl3 >= 3.15.3-0.3.1
  • libfreebl3-32bit >= 3.15.3-0.3.1
  • mozilla-nspr >= 4.10.2-0.3.1
  • mozilla-nspr-32bit >= 4.10.2-0.3.1
  • mozilla-nss >= 3.15.3-0.3.1
  • mozilla-nss-32bit >= 3.15.3-0.3.1
  • mozilla-nss-tools >= 3.15.3-0.3.1
Builds
SAT Patch Nr: 8574


Status of this issue by product and package

Product(s) Source package State
SUSE Linux Enterprise Desktop 10 SP3 MozillaFirefox Released
SUSE Linux Enterprise Desktop 10 SP3 mozilla-nspr Released
SUSE Linux Enterprise Desktop 10 SP3 mozilla-nss Released
SUSE Linux Enterprise Desktop 10 SP4 MozillaFirefox Released
SUSE Linux Enterprise Desktop 10 SP4 mozilla-nspr Released
SUSE Linux Enterprise Desktop 10 SP4 mozilla-nss Released
SUSE Linux Enterprise Desktop 11 SP1 MozillaFirefox Released
SUSE Linux Enterprise Desktop 11 SP1 mozilla-nspr Released
SUSE Linux Enterprise Desktop 11 SP1 mozilla-nss Released
SUSE Linux Enterprise Desktop 11 SP2 MozillaFirefox Released
SUSE Linux Enterprise Desktop 11 SP2 mozilla-nspr Released
SUSE Linux Enterprise Desktop 11 SP2 mozilla-nss Released
SUSE Linux Enterprise Desktop 11 SP3 MozillaFirefox Released
SUSE Linux Enterprise Desktop 11 SP3 mozilla-nspr Released
SUSE Linux Enterprise Desktop 11 SP3 mozilla-nss Released
SUSE Linux Enterprise Desktop 11 SP4 mozilla-nspr Released
SUSE Linux Enterprise Desktop 11 SP4 mozilla-nss Released
SUSE Linux Enterprise SDK 11 SP1 mozilla-nspr Released
SUSE Linux Enterprise SDK 11 SP1 mozilla-nss Released
SUSE Linux Enterprise SDK 11 SP2 mozilla-nspr Released
SUSE Linux Enterprise SDK 11 SP2 mozilla-nss Released
SUSE Linux Enterprise SDK 11 SP3 MozillaFirefox Released
SUSE Linux Enterprise SDK 11 SP3 mozilla-nspr Released
SUSE Linux Enterprise SDK 11 SP3 mozilla-nss Released
SUSE Linux Enterprise SDK 11 SP4 mozilla-nspr Released
SUSE Linux Enterprise SDK 11 SP4 mozilla-nss Released
SUSE Linux Enterprise Server 10 SP3 MozillaFirefox Released
SUSE Linux Enterprise Server 10 SP3 mozilla-nspr Released
SUSE Linux Enterprise Server 10 SP3 mozilla-nss Released
SUSE Linux Enterprise Server 10 SP4 MozillaFirefox Released
SUSE Linux Enterprise Server 10 SP4 mozilla-nspr Released
SUSE Linux Enterprise Server 10 SP4 mozilla-nss Released
SUSE Linux Enterprise Server 10 SP4 LTSS MozillaFirefox Released
SUSE Linux Enterprise Server 10 SP4 LTSS mozilla-nspr Released
SUSE Linux Enterprise Server 10 SP4 LTSS mozilla-nss Released
SUSE Linux Enterprise Server 11 SP1 MozillaFirefox Released
SUSE Linux Enterprise Server 11 SP1 mozilla-nspr Released
SUSE Linux Enterprise Server 11 SP1 mozilla-nss Released
SUSE Linux Enterprise Server 11 SP1 LTSS MozillaFirefox Released
SUSE Linux Enterprise Server 11 SP1 LTSS mozilla-nspr Released
SUSE Linux Enterprise Server 11 SP1 LTSS mozilla-nss Released
SUSE Linux Enterprise Server 11 SP2 MozillaFirefox Released
SUSE Linux Enterprise Server 11 SP2 mozilla-nspr Released
SUSE Linux Enterprise Server 11 SP2 mozilla-nss Released
SUSE Linux Enterprise Server 11 SP2 LTSS MozillaFirefox Released
SUSE Linux Enterprise Server 11 SP2 LTSS mozilla-nspr Released
SUSE Linux Enterprise Server 11 SP2 LTSS mozilla-nss Released
SUSE Linux Enterprise Server 11 SP3 MozillaFirefox Released
SUSE Linux Enterprise Server 11 SP3 mozilla-nspr Released
SUSE Linux Enterprise Server 11 SP3 mozilla-nss Released
SUSE Linux Enterprise Server 11 SP3 LTSS mozilla-nspr Released
SUSE Linux Enterprise Server 11 SP3 LTSS mozilla-nss Released
SUSE Linux Enterprise Server 11 SP4 mozilla-nspr Released
SUSE Linux Enterprise Server 11 SP4 mozilla-nss Released
SUSE Linux Enterprise Server for SAP 11 SP2 mozilla-nspr Released
SUSE Linux Enterprise Server for SAP 11 SP2 mozilla-nss Released
SUSE Linux Enterprise Server for SAP AIO 11 SP1 MozillaFirefox Released
SUSE Linux Enterprise Server for SAP AIO 11 SP1 mozilla-nspr Released
SUSE Linux Enterprise Server for SAP AIO 11 SP1 mozilla-nss Released
SUSE Linux Enterprise Server for SAP ES 11 SP1 mozilla-nspr Released
SUSE Linux Enterprise Server for SAP ES 11 SP1 mozilla-nss Released